Large Primes

Matthew Byng-Maddick ukcrypto at lists.colondot.net
Fri, 16 Aug 2002 15:14:37 +0100


On Fri, Aug 16, 2002 at 02:36:22PM +0100, Owen Lewis wrote:
> Therefore, the content of transmissions so protected offers two different
> and equally attractive foci for cryptanalysis. Recover the RSA private key
> and, hence, obtain the session key or attack the bulk ciphertext directly to
> recover the session keys.
[snip reasonable conclusions drawn from this wrong starting point]

This is, I'm afraid, not true.

Attacking the session key allows me to decrypt this one message. Attacking
the RSA key allows me to decrypt this and all future messages. They are
therefore *not* ``equally attractive foci for cryptanalysis''. After all,
you can trivially switch algorithm for the main data, and the data you've
previously encrypted may have fallen, but the future data won't. This is
a good thing.

MBM

-- 
Matthew Byng-Maddick         <mbm@colondot.net>           http://colondot.net/
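
The difference in exposure described in the message above, as an added example that is not part of the original post. It assumes a toy hybrid scheme: textbook RSA with no padding over two small constructed primes, and a SHA-256 keystream XOR standing in for the bulk cipher; all names are hypothetical.

```python
import hashlib
import secrets

# Toy parameters (constructed): two Mersenne primes give a small textbook-RSA
# key with no padding. Illustration only, not usable cryptography.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # long-term private exponent

def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in bulk cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def send(plaintext: bytes):
    """Hybrid encryption: fresh session key per message, wrapped under RSA."""
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), E, N)
    return (wrapped, stream_xor(session_key, plaintext)), session_key

def open_with_private_key(message, d: int) -> bytes:
    """Unwrap the session key with the RSA private exponent, then decrypt."""
    wrapped, ciphertext = message
    session_key = pow(wrapped, d, N).to_bytes(16, "big")
    return stream_xor(session_key, ciphertext)

def exposed(messages, plaintexts, session_key=None, private_key=None):
    """Indices of messages readable by whoever holds the given key."""
    hits = []
    for i, (msg, pt) in enumerate(zip(messages, plaintexts)):
        if private_key is not None:
            guess = open_with_private_key(msg, private_key)
        else:
            guess = stream_xor(session_key, msg[1])
        if guess == pt:
            hits.append(i)
    return hits

def demo():
    plaintexts = [b"message one", b"message two", b"message three"]
    sent = [send(p) for p in plaintexts]
    messages = [m for m, _ in sent]
    first_session_key = sent[0][1]  # only message 0's session key is lost
    return (exposed(messages, plaintexts, session_key=first_session_key),
            exposed(messages, plaintexts, private_key=D))
```

demo() returns the exposed message indices for a lost session key and for a lost RSA private key, in that order.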